Forkly discloses its data-collection practices in open letter to Congress

One iOS app maker is so confident in the righteousness of its data collection practices that it has responded to a congressional inquiry with an open letter detailing the types of user information it collects, transmits, and stores.

“In full disclosure of our privacy practices — and because we’re proud of our track record — we’ve posted our responses to Congress,” Forkly co-founders Brady Becker and Martin May wrote Tuesday on the company’s blog.

In the open letter, Forkly, the first app maker that we know of to publicly address the matter with detailed responses, disclosed that it has never transmitted or stored information from or about a user’s mobile phone address book. The co-founders did say, however, that Forkly transmits and stores push notification device tokens, transmits a device’s location when needed, and indirectly collects device identification numbers (UDIDs) from its beta testers using TestFlight.

“Forkly does not store any address book information. Forkly stores push notification device tokens to support sending push notifications to users,” the app makers said. “We keep this information until the user deletes their account, and/or until Apple’s Feedback Service… notifies us that a device token has had failed delivery attempts.”

The letter appears to be the most forthcoming response yet from an app maker to the iOS address book and data privacy kerfuffle, and it shows that May and Becker feel they have little to hide from Congress — or their users.

In fact, the pair have long felt a responsibility to collect and transmit as little personal data as possible. They faced similar data collection challenges when working on their previous location-based startup, Brightkite.

“When we were discussing the implementation, the first iteration inevitably lead to the same strategy that Path is using: upload the user’s address book information to our servers so we can do the matching. But it didn’t feel right,” May said previously of the dilemma.

Brightkite instead employed a hash system that allowed it to compare hashes rather than the full text of phone numbers and email addresses to make friend matches.

As for the matter at hand, what do the Forkly co-founders believe to be the proper resolution to how apps collect personal data?

“We understand why Congress is concerned, but we’re not sure if legislation is the solution here,” Becker told VentureBeat. “We believe the proper resolution resides in more transparent privacy policies, something that is easy to digest and understand.”

“Beyond that we think, pressure by users for companies to be transparent and adopt best practices will help this issue,” Becker concluded.

VentureBeat has reached out to the congressional subcommittee to determine if any other app makers, including Apple, have privately responded to last week’s inquiry. The deadline for responses, as stated initially, is April 12.